skip to Main Content
bitcoin
Bitcoin (BTC) $ 97,792.20 1.56%
ethereum
Ethereum (ETH) $ 3,432.40 4.43%
tether
Tether (USDT) $ 1.00 0.09%
solana
Solana (SOL) $ 256.66 1.25%
bnb
BNB (BNB) $ 658.89 5.94%
xrp
XRP (XRP) $ 1.50 5.95%
dogecoin
Dogecoin (DOGE) $ 0.431056 8.28%
usd-coin
USDC (USDC) $ 1.00 0.02%
cardano
Cardano (ADA) $ 1.07 11.45%
staked-ether
Lido Staked Ether (STETH) $ 3,433.69 4.33%

Ledger faces class action from phishing scam victims

Ledger and Shopify are facing a class-action lawsuit over sensitive information regarding 270,000 of Ledger’s customers’ that was stolen by Shopify employees.

4491 Total views

19 Total shares

Ledger faces class action from phishing scam victims

Ledger and Shopify have been hit by a class action lawsuit over a major data breach that saw the personal data of 270,000 hard wallet customers stolen between April and June 2020,

Phishing scam victims John Chu and Edward Baton filed the lawsuit in California against the crypto wallet provider and its e-commerce partner Shopify on April 6.

The Plaintiffs alleged that the firms “negligently allowed, recklessly ignored, and then intentionally sought to cover up” the data breach. The data was stolen when rogue employees of Shopify accessed the company’s e-commerce and marketing database for Ledger, with the hackers then selling the data on the dark web.

“Had Ledger acted responsibly during this period, much of that loss could have been avoided,” they claim.

The pair are seeking redress for the damages caused by the breach, requesting “all relief allowed by law, including injunctive relief.” Chu lost $267,000 worth of BTC and ETH, and Baton lost $75,000 worth of XLM in phishing scams that impersonated correspondence from the firms.

The data, spanning full names, email, phone numbers, and shipping addresses, was eventually posted on the website RaidForums in late December. The lawsuit accuses Ledger in particular of failing to “individually notify every affected customer or admit to the full scope of the breach.”

“Ledgers and Shopify’s misconduct has made targets of Ledger customers, with their identities known or available to every hacker in the world. Ledger’s persistently deficient response compounded the harm. In failing to individually notify every affected customer or admit to the full scope of the breach.”

While it has yet to be proven if the firm knew the full scope initially, it published a blog post in July 2020 stating that 9500 users had their data leaked at the time.

Ledger fully acknowledged the data leak on January 13, in a blog post that confirmed that access to their user database had been a result of the Shopify hack, while announcing changes to how they store data, communicate with customers, and also offered a 10 BTC bounty fund for information leading to successful arrest and prosecution of the hackers.

Loading data ...
Comparison
View chart compare
View table compare
Back To Top